WordPress fixes XSS, CSRF flaws in latest core update

It’s been a bad few weeks to be a WordPress administrator, with a number of security updates to the core content management system and a handful of widely used third-party plugins.

Get those patches before someone comes along and defaces your website, steals information from the database, or modifies the site to distribute malware.The latest update, version 4.7.3, is a combination maintenance release and security update that addresses six security vulnerabilities and 39 maintenance issues.

Three of the six security vulnerabilities can lead to cross-site scripting attacks.[ Expand your security career horizons with these essential certifications for smart security pros. | Discover how to secure your systems with InfoWorld’s Security Report newsletter. ]
“This is a security release for all previous versions, and we strongly encourage you to update your sites immediately,” WordPress said in its release notification.To read this article in full or to leave a comment, please click here

CATEGORIES

Cyber Parse was created to provide knowledge to help everyone understand and deal with the ever increasing threats we all face by Cyber Crime (Malware, Social Engineering, Phishing and hacking).
Our purpose is to provide the right information to our readers by breaking down and communicating knowledge relating to Cyber Crime, Cyber Security, Information Security and Computer Security, then using Risk Management practices to help translate the technical aspects of the Risks, Threats, Vulnerabilities and controls to reduce the risk into business language.